Flushing iptables on Fedora

iptables is a mechanism in the Linux kernel for port forwarding, NAT, firewalls, etc. In Linux distros such as Fedora, iptables is configured by default as a “strict” firewall that opens only a limited set of known ports, such as 22 for SSH. However, in some network environments, such as a private cluster, the nodes are trusted and firewalls are usually not needed. We may flush the default iptables rules to make it accept all connections and add rules as needed. This post introduces how to flush the iptables rules added by default on Fedora. This should also work on RHEL/CentOS etc.

Flush rules in the filter table (the default table, which contains the INPUT chain)

# iptables -F

Flush rules in the NAT table

# iptables -t nat -F

The changes above only affect the in-memory state of iptables in the kernel, and Linux restores the rules from a file stored on disk when it boots. To make the changes “permanent” across reboots, we should also write them to the file used for restoring the rules.

Save the rules to the file

# cp /etc/sysconfig/iptables /etc/sysconfig/iptables.bak # backing up before changing is a good habit
# iptables-save > /etc/sysconfig/iptables
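A check that the flush left the ruleset in the intended state, as an added example that is not part of the original post: it parses `iptables-save` output and reports each built-in chain's policy and remaining rule count. The function names and the sample rulesets are constructed for illustration, and the parser assumes a dump made without the `-c` counters option.

```shell
#!/bin/sh
# Added example (not from the original post): audit an iptables-save dump.

# Read iptables-save output on stdin; print "<table> <chain> <policy> <rules>"
# for every built-in chain (user-defined chains show "-" as policy and are skipped).
summarize_rules() {
    awk '
        /^\*/ { table = substr($0, 2); next }
        /^:/  { key = table " " substr($1, 2)
                if ($2 != "-") { policy[key] = $2; order[++n] = key }
                next }
        $1 == "-A" { rules[table " " $2]++ }
        END { for (i = 1; i <= n; i++)
                  printf "%s %s %d\n", order[i], policy[order[i]], rules[order[i]] }
    '
}

# Succeed only if every built-in chain has policy ACCEPT and holds no rules.
# iptables -F removes rules but does not change a chain policy, so a chain
# left at DROP still blocks everything after a flush.
is_fully_open() {
    summarize_rules | awk '$3 != "ACCEPT" || $4 != 0 { bad = 1 } END { exit (bad ? 1 : 0) }'
}

# Constructed sample: a typical strict ruleset that only admits SSH.
sample_strict() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# Constructed sample: the same table after a flush.
sample_flushed() {
    printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' ':FORWARD ACCEPT [0:0]' ':OUTPUT ACCEPT [0:0]' COMMIT
}

sample_strict | summarize_rules
```

On a live host, run `iptables-save | summarize_rules` as root after flushing, and again on `/etc/sysconfig/iptables` after saving, to confirm both the in-memory and on-disk rulesets match.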

Eric Zhiqiang Ma

Eric is interested in building high-performance and scalable distributed systems and related technologies. The views or opinions expressed here are solely Eric's own and do not necessarily represent those of any third parties.
